VERY IMPORTANT

In the summer of 2022, the Group-IB Managed Extended Detection and Response (MXDR) solution successfully detected and blocked an email carrying a malicious attachment. This email was intended for Group-IB’s employees. While analyzing this attack, Anastasia Tikhonova, Head of APT Research, and Dmitry Kupin, Senior Malware Analyst, at the Group-IB Threat Intelligence team found patterns in the actions of the attackers and attributed the observed TTPs to Tonto Team.